Bruce Schneier: "Why do we receive signatures by fax?"
The cryptography guru, the developer of the cipher Blowfish and Twofish, Bruce Schneier in his blog talks about an interesting topic: why, with all the distrust of documents sent by e-mail, many organizations trust fax signatures? After all, this is the strangest thing you can think of. In fact, it is easy to fake them: it is enough to cut a piece of one piece of paper, stick it on another - and send it by fax. For this you need nothing but scissors and glue. Can even cope a child. Faxes are so poorly protected from fakes that if you think about it, it is strange that nowadays someone accepts them at all.
Bruce Schneier says that he repeatedly faxed various documents, including book contracts, bank documents to authorize a credit card, non-disclosure agreements, etc. “It’s amazing how organizations sometimes try to perceive these low-quality, unverified scans as verified, which are transmitted via public communication lines if they flatly refuse to accept the same information as high-resolution scans via (relatively secure) e-mail,” says Bruce. Schneier.
Reflecting on this phenomenon, Bruce Schneier comes to the conclusion that the relative security of faxes is perceived at the level of human psychology only in a broad communication context. Almost always, fax copies are only part of a large transactional scheme in which much more reliable verification systems work. However, the incomprehensible people's trust in faxes sometimes manifests itself to the full. For example, on October 30, 2004, prisoner Tristan Wilson was released from a prison in Memphis after the prison authorities received a fax allegedly from the local police station (in fact, Wilson's accomplices from nearby McDonald’s sent a fax).
As Bruce Schneier always said, the weakest place in almost any system is human psychology. By the way, the cryptography guru recently even wrote a book about the human brain .
Bruce Schneier says that he repeatedly faxed various documents, including book contracts, bank documents to authorize a credit card, non-disclosure agreements, etc. “It’s amazing how organizations sometimes try to perceive these low-quality, unverified scans as verified, which are transmitted via public communication lines if they flatly refuse to accept the same information as high-resolution scans via (relatively secure) e-mail,” says Bruce. Schneier.
Reflecting on this phenomenon, Bruce Schneier comes to the conclusion that the relative security of faxes is perceived at the level of human psychology only in a broad communication context. Almost always, fax copies are only part of a large transactional scheme in which much more reliable verification systems work. However, the incomprehensible people's trust in faxes sometimes manifests itself to the full. For example, on October 30, 2004, prisoner Tristan Wilson was released from a prison in Memphis after the prison authorities received a fax allegedly from the local police station (in fact, Wilson's accomplices from nearby McDonald’s sent a fax).
As Bruce Schneier always said, the weakest place in almost any system is human psychology. By the way, the cryptography guru recently even wrote a book about the human brain .
')
Source: https://habr.com/ru/post/26816/
All Articles